fortigate-3040b-quickstart
DESCRIPTION
Fortigate 3040 B QuickstartTRANSCRIPT
QuickStart Guide
© Copyright 2010 Fortinet Incorporated. All rights reserved. Products mentioned in this document are trademarks or registered trademarks of their respective holders.Regulatory ComplianceFCC Class A Part 15, / CE Mark10 December 2010
FortiGate-3040B
01-413-125361-20101210
Visit these links for more information and documentation for your Fortinet product:
Technical Documentation - http://docs.fortinet.com Fortinet Knowledge Center - http://kb.fortinet.comTechnical Support - http://support.fortinet.com Training Services - http://campus.training.fortinet.com
NAT/Route modeYou would typically use NAT/Route mode when the FortiGate unit is deployed as a gateway between private and public networks. In its default NAT/Route mode configura-tion, the unit functions as a firewall. Firewall policies control communications through the FortiGate unit.
Transparent modeYou would typically use the FortiGate unit in Transparent mode on a private network be-hind an existing firewall or behind a router. In its default Transparent mode configuration, the unit functions as a firewall.
Web-based Manager1. Connect the FortiGate MGMT1 interface to a management computer Ethernet inter-
face. Use a cross-over Ethernet cable to connect the devices directly. Use straight-through Ethernet cables to connect the devices through a hub or switch.
2. Configure the management computer to be on the same subnet as the MGMT1 interface of the FortiGate unit. To do this, change the IP address of the management computer to 192.168.1.2 and the netmask to 255.255.255.0.
3. To access the FortiGate web-based manager, start a web browser and type the ad-dress https://192.168.1.99
4. Type admin in the Name field and click Login.
NAT/Route modeTo change the administrator password1. Go to System > Admin > Administrators.2. Select Change Password for the admin administrator and enter a new password.To configure interfaces1. Go to System > Network > Interface.2. Select the edit icon for each interface to configure.3. Set the addressing mode for the interface. (See the online help for information.)
• For manual addressing, enter the IP address and netmask for the interface.• For DHCP addressing, select DHCP and any required settings.• For PPPoE addressing, select PPPoE, and enter the username and password and
any other required settings.To configure the Primary and Secondary DNS server IP addresses1. Go to System > Network > Options, enter the Primary and Secondary DNS IP ad-
dresses that you recorded above and select Apply.To configure a Default Gateway1. Go to Router > Static and select Edit icon for the static route.2. Set Gateway to the Default Gateway IP address you recorded above and select OK.
Transparent mode To switch from NAT/route mode to transparent mode1. Go to System > Config > Operation Mode and select Transparent.2. Set the Management IP/Netmask to 192.168.1.99/24.3. Set a default Gateway and select Apply.To change the administrator password1. Go to System > Admin > Administrators.2. Select Change Password for the admin administrator and enter a new password.
To change the management interface1. Go to System > Config > Operation Mode.2. Enter the Management IP address and netmask that you recorded above and select
Apply.To configure the Primary and Secondary DNS server IP addresses1. Go to System > Network > Options, enter the Primary and Secondary DNS IP address-
es that you recorded above and select Apply.
Command Line Interface1. Use the RJ-45 to DB9 serial cable to connect the FortiGate Console port to the man-
agement computer serial port. 2. Start a terminal emulation program (HyperTerminal) on the management computer.
Use these settings: Baud Rate (bps) 9600, Data bits 8, Parity None, Stop bits 1, and Flow Control None.
3. At the Login: prompt, type admin and press Enter twice (no password required).
NAT/Route mode1. Configure the FortiGate MGMT1 interface.
config system interface edit MGMT1 set ip <intf_ip>/<netmask_ip>end
2. Repeat to configure each interface, for example, to configure the Port 1 interface.config system interface edit port1 ...
3. Configure the primary and secondary DNS server IP addresses.config system dns set primary <dns-server_ip> set secondary <dns-server_ip>end
4. Configure the default gateway.config router static edit 1 set gateway <gateway_ip>end
Transparent Mode1. Change from NAT/Route mode to Transparent mode and configure the Management
IP address.config system settings set opmode transparent set manageip <mng_ip>/<netmask> set gateway <gateway_ip>end
2. Configure the DNS server IP address.config system dns set primary <dns-server_ip> set secondary <dns-server_ip>end
Configuring
AC Power Required 100-240 VAC ~ 12.0A Max 50-60 Hz
Chassis 2U
Network Interfaces
10 1GB SFP 8 10GB SFP+2 10/100/1000 Management ports2 USB 2.0 Type A1 Console port (RJ-45)
FSM slots 4 64GB SSD (1 included)
FSM1
FSM2
FSM3
FSM4
SHUT DOWN
POWER
STATUS
HA
ALARM
CONSOLEMGMT 1
FortiGate 3040B
NP4-1 NP4-2
1
4
3
2
5
6
7
8
9
10
11
12
13
14
15
16
17
18
10G SFP+
LED DescriptionPackage Contents
FSM1
FSM2
FSM3
FSM4
SHUT DOWN
POWER
STATUS
HA
ALARM
CONSOLEMGMT 1
FortiGate 3040B
NP4-1 NP4-2
1
4
3
2
5
6
7
8
9
10
11
12
13
14
15
16
17
18
10G SFP+
LEDs
Console port
USBports
Managment ports
SFP ports
SFP+ ports Shut down
butttonFSM
modules
Front
Back
Power Supply 2
Power Supply 1
Fan LEDsGround
FAN FAN FAN FAN FAN FAN
POWER 1
POWER 2
Fan LEDsFan LED Fan LED
FSM-064 pre-installed
Interface Description
Connecting
Administrator user name admin
Administrator password (none)
NAT/Route modeMGMT1 192.168.1.99
Port 1 192.168.100.99
To reset the FortiGate unit to the factory defaults, in the CLI type the command: execute factoryreset
Straight-throughEthernet cable
Power Cable x2
FortiGate-30B
FortiGate
Tools and Documentation
Copyright 2010 Fortinet Incorporated. All rights reserved.TrademarksProducts mentioned in this document are trademarks.
SFP+ Transceiver x2
RJ-45 toDB-9 Serial Cable
Front Handles
FSM1
FSM2
FSM3
FSM4
SHUT DOWN
POWER
STATUS
HA
ALARM
CONSOLE
USB
MGMT 1
MGMT 2
FortiGate 3040B
NP4-1 NP4-2
1
4
3
2
5
6
7
8
9
10
11
12
13
14
15
16
17
18
10G SFP+
REGISTER
Factory Defaults
Connect the following to the FortiGate unit. Ensure the FortiGate unit is placed on a stable surface or install in a standard 19 inch rack.• Connect the RJ-45 to DB-9 serial cable into the Console port on the unit. Insert the
other end into the management computer.• Insert the ethernet cable into a port. Insert the other end to the router connected to
the Internet.• Connect the AC power cables to the power supplies. • Connect the AC power cords to a surge protected power bar or power supply.
SFP TransceiversCaution: Do not force the SFP transceivers into the cage slots. You can damage the connector if handling the SFP transceivers by holding the release Latch. If the transceiver does not easily slide in and click into place, it may not be aligned correctly or may be upside down. If this happens, remove the SFP transceiver, realign it or rotate it and slide it in again.
To install the transceivers:1. Remove the caps from SFP cage sockets on the front panel.2. Hold the sides of the SFP transceiver and slide the SFP transceiver into the cage
socket until it clicks into place.
FSM ModulesPrior to inserting or removing a FSM module, please power down the system first.
Caution: When installing the FSM module, ensure that the FORTINET and/or “THIS SIDE UP” labels are orientated upwards when inserting the module into the unit.
To insert the FSM module:1. Insert the module into the FSM slot on the unit with the Fortinet and/or “This Side
Up” labels facing upwards. 2. Close the latch.
LED State Description
PowerGreen The unit is on.
Off The unit is off.
StatusGreen flashing The unit is starting up.
Green The unit is running normally.
HA
Green HA is enabled and in normal mode.
Red HA is enabled but in failover mode.
Off The unit is in stand-alone mode.
Alarm To be supported in a future release.
NP4-1, NP4-2Green NP4 to switch link status is normal.
Off NP4 to switch link status may have a prob-lem. Contact Fortinet Support if this occurs.
Ports 1 to 18
LinkGreen Port is online.
Off Port is offline.
ActivityGreen flashing Port is receiving or sending data.
Off Port might be on but is not receiving or send-ing data.
Manage-ment (MGMT) ports 1 and 2
LinkGreen Port is online.
Flashing Port is receiving or sending data.
Speed
Green Connected at 1000Mbps.
Amber Connected at 100 Mbps.
Off Connected at 10 Mbps.
AC powerGreen AC cable is connected and has power.
Amber AC cable is not connected or does not have power.
Fan
Green The fan is running and the speed is within proper range.
Off The fan is not running or the speed is over threshold.
Interface Type Speed Protocol Description
Ports 1 to 8 SFP+ (SR or LR)
10 Gbps/auto Ethernet Small form-factor pluggable transceiver.
Ports 9 to 18 SFP 1 Gbps/auto Ethernet Small form-factor pluggable transceiver.
CONSOLE RJ-45 9600 bps RS-232 serial
Optional connection to the man-agement computer. Provides access to the command line interface (CLI).
USB USB A Optional connections for the USB key, modem, or backup operation.
MGMT 1 and MGMT 2
RJ-45 10/100/1000 Ethernet Two management ports.
FSM slots 1 to 4
FSM Four SATA hard disk drive slots supports 2.5 inch solid state drives. One 64 GB SSD included.
Shutdown button
When pressed, the RAID sys-tem shuts down.